Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 75586 invoked from network); 9 Sep 2006 14:13:22 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 9 Sep 2006 14:13:22 -0000 Received: (qmail 6616 invoked by uid 500); 9 Sep 2006 14:13:09 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 6599 invoked by uid 500); 9 Sep 2006 14:13:08 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 6588 invoked by uid 99); 9 Sep 2006 14:13:08 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 09 Sep 2006 07:13:08 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests=HTML_MESSAGE X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [64.40.100.194] (HELO socrates.thinkhost.com) (64.40.100.194) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 09 Sep 2006 07:13:06 -0700 Received: from geier (adsl-64-91-71-139-rb.lax.customer.centurytel.net [64.91.71.139]) by socrates.thinkhost.com (8.13.6/8.13.5) with SMTP id k88ItSWR079336 for ; Fri, 8 Sep 2006 14:55:29 -0400 (EDT) (envelope-from jgeier@apt-cafm.com) Message-ID: <007001c6d378$7214f470$6700a8c0@geier> From: "Jeanna Geier" To: "Tomcat Users List" Subject: Error: No available certificate or key corresponds to the SSL cipher suites which are enabled. Date: Fri, 8 Sep 2006 13:56:08 -0500 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_006D_01C6D34E.88CA31A0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Antivirus: avast! (VPS 0636-3, 09/08/2006), Outbound message X-Antivirus-Status: Clean X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N ------=_NextPart_000_006D_01C6D34E.88CA31A0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi All- I'm running into an odd problem and am hoping that someone out there can = help me! I'm trying to configure and run SSL; I am able to create, startup and = run everyting when I am using a self-signed certificate. (Yeah!) However, when I attempt to use a trial certificate from thawte (which is = where we want to get to), I am getting an error. Here's what I'v done = (http://tomcat.apache.org/tomcat-5.0-doc/ssl-howto.html): - created a local Certificate: >keytool -genkey -alias tomcat -keyalg = RSA=20 I didn't get a 'chain certificate' with my free trial, so for the next = step, I imported the certificate I got from Thawte: - keytool -import -alias root -keystore C:\Documents and = Settings\HP_Administrator\.keystore -trustcacerts -file = C:\thawte_ca_cert.cert Then I imported the new certificate under my tomcat user: - keytool -import -alias tomcat -keystore C:\Documents and = Settings\HP_Administrator\.keystore -trustcacerts -file = C:\thawte_ca_cert.cert According to the directions, that should be it; however, when I go to = start Tomcat, I get the following error: at = org.apache.tomcat.util.net.jsse.JSSESocketFactory.acceptSocket(JSSESocket= Factory.java:113) at = org.apache.tomcat.util.net.PoolTcpEndpoint.acceptSocket(PoolTcpEndpoint.j= ava:368) at = org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:549= ) at = org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.= java:683) at java.lang.Thread.run(Thread.java:595) Sep 8, 2006 1:34:04 PM org.apache.tomcat.util.net.PoolTcpEndpoint = acceptSocket WARNING: Reinitializing ServerSocket Sep 8, 2006 1:34:04 PM org.apache.tomcat.util.net.PoolTcpEndpoint = acceptSocket=20 SEVERE: Endpoint [SSL: = ServerSocket[addr=3D0.0.0.0/0.0.0.0,port=3D0,localport=3D443]] ignored = exception: java.net.SocketException: SSL handshake = errorjavax.net.ssl.SSLException: No available certificate or key = corresponds to the SSL cipher suites which are enabled. java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: = No available certificate or key corresponds to the SSL cipher suites = which are enabled. When I search/google on this, it says that one cause could be "different = passwords has been used for the certificate and the Keystore. In this = case, use the Keytool to change the password of the certificate to match = the password of the Keystore." - but that's not the case. Please, any help you can offer would be greatly appreciated. Thanks! -Jeanna ------=_NextPart_000_006D_01C6D34E.88CA31A0--